diff options
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/doc/manual/README | 13 | ||||
| -rw-r--r-- | nixos/doc/manual/contributing-to-this-manual.xml | 22 | ||||
| -rw-r--r-- | nixos/doc/manual/manual.xml | 1 | ||||
| -rw-r--r-- | nixos/modules/hardware/rtl-sdr.nix | 20 | ||||
| -rw-r--r-- | nixos/modules/module-list.nix | 1 | ||||
| -rw-r--r-- | nixos/modules/services/admin/salt/master.nix | 2 | ||||
| -rw-r--r-- | nixos/modules/services/desktops/pipewire.nix | 72 | ||||
| -rw-r--r-- | nixos/modules/services/monitoring/prometheus/exporters.nix | 3 | ||||
| -rw-r--r-- | nixos/modules/services/monitoring/prometheus/exporters/rtl_433.nix | 78 | ||||
| -rw-r--r-- | nixos/modules/services/x11/display-managers/default.nix | 6 | ||||
| -rw-r--r-- | nixos/tests/certmgr.nix | 30 | ||||
| -rw-r--r-- | nixos/tests/ferm.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/installed-tests/default.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/installed-tests/pipewire.nix | 5 | ||||
| -rw-r--r-- | nixos/tests/prometheus-exporters.nix | 31 |
15 files changed, 257 insertions, 29 deletions
diff --git a/nixos/doc/manual/README b/nixos/doc/manual/README index 587f6275197a..120c127d7af2 100644 --- a/nixos/doc/manual/README +++ b/nixos/doc/manual/README @@ -1,12 +1,3 @@ -To build the manual, you need Nix installed on your system (no need -for NixOS). To install Nix, follow the instructions at +Moved to: ./contributing-to-this-manual.xml. Link: - https://nixos.org/nix/download.html - -When you have Nix on your system, in the root directory of the project -(i.e., `nixpkgs`), run: - - nix-build nixos/release.nix -A manual.x86_64-linux - -When this command successfully finishes, it will tell you where the -manual got generated. +https://nixos.org/manual/nixos/unstable/#chap-contributing diff --git a/nixos/doc/manual/contributing-to-this-manual.xml b/nixos/doc/manual/contributing-to-this-manual.xml new file mode 100644 index 000000000000..9820e75fc337 --- /dev/null +++ b/nixos/doc/manual/contributing-to-this-manual.xml @@ -0,0 +1,22 @@ +<chapter xmlns="http://docbook.org/ns/docbook" + xmlns:xlink="http://www.w3.org/1999/xlink" + xml:id="chap-contributing"> + <title>Contributing to this documentation</title> + <para> + The DocBook sources of NixOS' manual are in the <filename +xlink:href="https://github.com/NixOS/nixpkgs/tree/master/nixos/doc/manual"> +nixos/doc/manual</filename> subdirectory of the <link +xlink:href="https://github.com/NixOS/nixpkgs">Nixpkgs</link> repository. + </para> + <para> + You can quickly check your edits with the following: + </para> +<screen> +<prompt>$ </prompt>cd /path/to/nixpkgs/nixos/doc/manual +<prompt>$ </prompt>nix-build nixos/release.nix -A manual.x86_64-linux +</screen> + <para> + If the build succeeds, the manual will be in + <filename>./result/share/doc/nixos/index.html</filename>. + </para> +</chapter> diff --git a/nixos/doc/manual/manual.xml b/nixos/doc/manual/manual.xml index 18a67a2dd941..db9e7313831d 100644 --- a/nixos/doc/manual/manual.xml +++ b/nixos/doc/manual/manual.xml @@ -19,5 +19,6 @@ <xi:include href="./generated/options-db.xml" xpointer="configuration-variable-list" /> </appendix> + <xi:include href="contributing-to-this-manual.xml" /> <xi:include href="release-notes/release-notes.xml" /> </book> diff --git a/nixos/modules/hardware/rtl-sdr.nix b/nixos/modules/hardware/rtl-sdr.nix new file mode 100644 index 000000000000..77c8cb59a3d5 --- /dev/null +++ b/nixos/modules/hardware/rtl-sdr.nix @@ -0,0 +1,20 @@ +{ config, lib, pkgs, ... }: + +let + cfg = config.hardware.rtl-sdr; + +in { + options.hardware.rtl-sdr = { + enable = lib.mkEnableOption '' + Enables rtl-sdr udev rules and ensures 'plugdev' group exists. + This is a prerequisite to using devices supported by rtl-sdr without + being root, since rtl-sdr USB descriptors will be owned by plugdev + through udev. + ''; + }; + + config = lib.mkIf cfg.enable { + services.udev.packages = [ pkgs.rtl-sdr ]; + users.groups.plugdev = {}; + }; +} diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index ed6201237b3d..cce4e8e74b4e 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -59,6 +59,7 @@ ./hardware/pcmcia.nix ./hardware/printers.nix ./hardware/raid/hpsa.nix + ./hardware/rtl-sdr.nix ./hardware/steam-hardware.nix ./hardware/system-76.nix ./hardware/tuxedo-keyboard.nix diff --git a/nixos/modules/services/admin/salt/master.nix b/nixos/modules/services/admin/salt/master.nix index c6b1b0cc0bd8..cb803d323bbd 100644 --- a/nixos/modules/services/admin/salt/master.nix +++ b/nixos/modules/services/admin/salt/master.nix @@ -59,5 +59,5 @@ in }; }; - meta.maintainers = with lib.maintainers; [ aneeshusa ]; + meta.maintainers = with lib.maintainers; [ Flakebi ]; } diff --git a/nixos/modules/services/desktops/pipewire.nix b/nixos/modules/services/desktops/pipewire.nix index 5aee59cfdcce..5179cbaf6bc2 100644 --- a/nixos/modules/services/desktops/pipewire.nix +++ b/nixos/modules/services/desktops/pipewire.nix @@ -5,8 +5,22 @@ with lib; let cfg = config.services.pipewire; - packages = with pkgs; [ pipewire ]; + enable32BitAlsaPlugins = cfg.alsa.support32Bit + && pkgs.stdenv.isx86_64 + && pkgs.pkgsi686Linux.pipewire != null; + # The package doesn't output to $out/lib/pipewire directly so that the + # overlays can use the outputs to replace the originals in FHS environments. + # + # This doesn't work in general because of missing development information. + jack-libs = pkgs.runCommand "jack-libs" {} '' + mkdir -p "$out/lib" + ln -s "${pkgs.pipewire.jack}/lib" "$out/lib/pipewire" + ''; + pulse-libs = pkgs.runCommand "pulse-libs" {} '' + mkdir -p "$out/lib" + ln -s "${pkgs.pipewire.pulse}/lib" "$out/lib/pipewire" + ''; in { meta = { @@ -25,17 +39,67 @@ in { Automatically run pipewire when connections are made to the pipewire socket. ''; }; + + alsa = { + enable = mkEnableOption "ALSA support"; + support32Bit = mkEnableOption "32-bit ALSA support on 64-bit systems"; + }; + + jack = { + enable = mkEnableOption "JACK audio emulation"; + }; + + pulse = { + enable = mkEnableOption "PulseAudio emulation"; + }; }; }; ###### implementation config = mkIf cfg.enable { - environment.systemPackages = packages; + assertions = [ + { + assertion = cfg.pulse.enable -> !config.hardware.pulseaudio.enable; + message = "PipeWire based PulseAudio emulation doesn't use the PulseAudio service"; + } + { + assertion = cfg.jack.enable -> !config.services.jack.jackd.enable; + message = "PIpeWire based JACK emulation doesn't use the JACK service"; + } + ]; + + environment.systemPackages = [ pkgs.pipewire ] + ++ lib.optional cfg.jack.enable jack-libs + ++ lib.optional cfg.pulse.enable pulse-libs; - systemd.packages = packages; + systemd.packages = [ pkgs.pipewire ]; + # PipeWire depends on DBUS but doesn't list it. Without this booting + # into a terminal results in the service crashing with an error. systemd.user.sockets.pipewire.wantedBy = lib.mkIf cfg.socketActivation [ "sockets.target" ]; - }; + systemd.user.services.pipewire.bindsTo = [ "dbus.service" ]; + services.udev.packages = [ pkgs.pipewire ]; + # If any paths are updated here they must also be updated in the package test. + sound.extraConfig = mkIf cfg.alsa.enable '' + pcm_type.pipewire { + libs.native = ${pkgs.pipewire.lib}/lib/alsa-lib/libasound_module_pcm_pipewire.so ; + ${optionalString enable32BitAlsaPlugins + "libs.32Bit = ${pkgs.pkgsi686Linux.pipewire.lib}/lib/alsa-lib/libasound_module_pcm_pipewire.so ;"} + } + pcm.!default { + @func getenv + vars [ PCM ] + default "plug:pipewire" + playback_mode "-1" + capture_mode "-1" + } + ''; + environment.etc."alsa/conf.d/50-pipewire.conf" = mkIf cfg.alsa.enable { + source = "${pkgs.pipewire}/share/alsa/alsa.conf.d/50-pipewire.conf"; + }; + environment.sessionVariables.LD_LIBRARY_PATH = + lib.optional (cfg.jack.enable || cfg.pulse.enable) "/run/current-system/sw/lib/pipewire"; + }; } diff --git a/nixos/modules/services/monitoring/prometheus/exporters.nix b/nixos/modules/services/monitoring/prometheus/exporters.nix index 1233e5cdd1a9..a4aa470f5bc4 100644 --- a/nixos/modules/services/monitoring/prometheus/exporters.nix +++ b/nixos/modules/services/monitoring/prometheus/exporters.nix @@ -43,6 +43,7 @@ let "postgres" "redis" "rspamd" + "rtl_433" "snmp" "surfboard" "tor" @@ -224,6 +225,8 @@ in services.prometheus.exporters.minio.minioAccessSecret = mkDefault config.services.minio.secretKey; })] ++ [(mkIf config.services.rspamd.enable { services.prometheus.exporters.rspamd.url = mkDefault "http://localhost:11334/stat"; + })] ++ [(mkIf config.services.prometheus.exporters.rtl_433.enable { + hardware.rtl-sdr.enable = mkDefault true; })] ++ [(mkIf config.services.nginx.enable { systemd.services.prometheus-nginx-exporter.after = [ "nginx.service" ]; systemd.services.prometheus-nginx-exporter.requires = [ "nginx.service" ]; diff --git a/nixos/modules/services/monitoring/prometheus/exporters/rtl_433.nix b/nixos/modules/services/monitoring/prometheus/exporters/rtl_433.nix new file mode 100644 index 000000000000..01e420db3897 --- /dev/null +++ b/nixos/modules/services/monitoring/prometheus/exporters/rtl_433.nix @@ -0,0 +1,78 @@ +{ config, lib, pkgs, options }: + +let + cfg = config.services.prometheus.exporters.rtl_433; +in +{ + port = 9550; + + extraOpts = let + mkMatcherOptionType = field: description: with lib.types; + listOf (submodule { + options = { + name = lib.mkOption { + type = str; + description = "Name to match."; + }; + "${field}" = lib.mkOption { + type = int; + inherit description; + }; + location = lib.mkOption { + type = str; + description = "Location to match."; + }; + }; + }); + in + { + rtl433Flags = lib.mkOption { + type = lib.types.str; + default = "-C si"; + example = "-C si -R 19"; + description = '' + Flags passed verbatim to rtl_433 binary. + Having <literal>-C si</literal> (the default) is recommended since only Celsius temperatures are parsed. + ''; + }; + channels = lib.mkOption { + type = mkMatcherOptionType "channel" "Channel to match."; + default = []; + example = [ + { name = "Acurite"; channel = 6543; location = "Kitchen"; } + ]; + description = '' + List of channel matchers to export. + ''; + }; + ids = lib.mkOption { + type = mkMatcherOptionType "id" "ID to match."; + default = []; + example = [ + { name = "Nexus"; id = 1; location = "Bedroom"; } + ]; + description = '' + List of ID matchers to export. + ''; + }; + }; + + serviceOpts = { + serviceConfig = { + # rtl-sdr udev rules make supported USB devices +rw by plugdev. + SupplementaryGroups = "plugdev"; + ExecStart = let + matchers = (map (m: + "--channel_matcher '${m.name},${toString m.channel},${m.location}'" + ) cfg.channels) ++ (map (m: + "--id_matcher '${m.name},${toString m.id},${m.location}'" + ) cfg.ids); in '' + ${pkgs.prometheus-rtl_433-exporter}/bin/rtl_433_prometheus \ + -listen ${cfg.listenAddress}:${toString cfg.port} \ + -subprocess "${pkgs.rtl_433}/bin/rtl_433 -F json ${cfg.rtl433Flags}" \ + ${lib.concatStringsSep " \\\n " matchers} \ + ${lib.concatStringsSep " \\\n " cfg.extraFlags} + ''; + }; + }; +} diff --git a/nixos/modules/services/x11/display-managers/default.nix b/nixos/modules/services/x11/display-managers/default.nix index 568aeaceef75..6945a241f92f 100644 --- a/nixos/modules/services/x11/display-managers/default.nix +++ b/nixos/modules/services/x11/display-managers/default.nix @@ -474,6 +474,12 @@ in ) [dms wms] ); + + # Make xsessions and wayland sessions available in XDG_DATA_DIRS + # as some programs have behavior that depends on them being present + environment.sessionVariables.XDG_DATA_DIRS = [ + "${cfg.displayManager.sessionData.desktops}/share" + ]; }; imports = [ diff --git a/nixos/tests/certmgr.nix b/nixos/tests/certmgr.nix index ef32f54400e3..8f5b89487793 100644 --- a/nixos/tests/certmgr.nix +++ b/nixos/tests/certmgr.nix @@ -11,7 +11,7 @@ let file = { group = "nginx"; owner = "nginx"; - path = "/tmp/${host}-ca.pem"; + path = "/var/ssl/${host}-ca.pem"; }; label = "www_ca"; profile = "three-month"; @@ -20,13 +20,13 @@ let certificate = { group = "nginx"; owner = "nginx"; - path = "/tmp/${host}-cert.pem"; + path = "/var/ssl/${host}-cert.pem"; }; private_key = { group = "nginx"; mode = "0600"; owner = "nginx"; - path = "/tmp/${host}-key.pem"; + path = "/var/ssl/${host}-key.pem"; }; request = { CN = host; @@ -57,6 +57,8 @@ let services.cfssl.enable = true; systemd.services.cfssl.after = [ "cfssl-init.service" "networking.target" ]; + systemd.tmpfiles.rules = [ "d /var/ssl 777 root root" ]; + systemd.services.cfssl-init = { description = "Initialize the cfssl CA"; wantedBy = [ "multi-user.target" ]; @@ -87,8 +89,8 @@ let enable = true; virtualHosts = lib.mkMerge (map (host: { ${host} = { - sslCertificate = "/tmp/${host}-cert.pem"; - sslCertificateKey = "/tmp/${host}-key.pem"; + sslCertificate = "/var/ssl/${host}-cert.pem"; + sslCertificateKey = "/var/ssl/${host}-key.pem"; extraConfig = '' ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ''; @@ -124,16 +126,18 @@ in }; testScript = '' machine.wait_for_unit("cfssl.service") - machine.wait_until_succeeds("ls /tmp/decl.example.org-ca.pem") - machine.wait_until_succeeds("ls /tmp/decl.example.org-key.pem") - machine.wait_until_succeeds("ls /tmp/decl.example.org-cert.pem") - machine.wait_until_succeeds("ls /tmp/imp.example.org-ca.pem") - machine.wait_until_succeeds("ls /tmp/imp.example.org-key.pem") - machine.wait_until_succeeds("ls /tmp/imp.example.org-cert.pem") + machine.wait_until_succeeds("ls /var/ssl/decl.example.org-ca.pem") + machine.wait_until_succeeds("ls /var/ssl/decl.example.org-key.pem") + machine.wait_until_succeeds("ls /var/ssl/decl.example.org-cert.pem") + machine.wait_until_succeeds("ls /var/ssl/imp.example.org-ca.pem") + machine.wait_until_succeeds("ls /var/ssl/imp.example.org-key.pem") + machine.wait_until_succeeds("ls /var/ssl/imp.example.org-cert.pem") machine.wait_for_unit("nginx.service") assert 1 < int(machine.succeed('journalctl -u nginx | grep "Starting Nginx" | wc -l')) - machine.succeed("curl --cacert /tmp/imp.example.org-ca.pem https://imp.example.org") - machine.succeed("curl --cacert /tmp/decl.example.org-ca.pem https://decl.example.org") + machine.succeed("curl --cacert /var/ssl/imp.example.org-ca.pem https://imp.example.org") + machine.succeed( + "curl --cacert /var/ssl/decl.example.org-ca.pem https://decl.example.org" + ) ''; }; diff --git a/nixos/tests/ferm.nix b/nixos/tests/ferm.nix index a73c9ce739cf..112b5f19a7de 100644 --- a/nixos/tests/ferm.nix +++ b/nixos/tests/ferm.nix @@ -56,6 +56,7 @@ import ./make-test-python.nix ({ pkgs, ...} : { start_all() client.wait_for_unit("network-online.target") + server.wait_for_unit("network-online.target") server.wait_for_unit("ferm.service") server.wait_for_unit("nginx.service") server.wait_until_succeeds("ss -ntl | grep -q 80") diff --git a/nixos/tests/installed-tests/default.nix b/nixos/tests/installed-tests/default.nix index 889a00d4b568..50ca8ad2b50f 100644 --- a/nixos/tests/installed-tests/default.nix +++ b/nixos/tests/installed-tests/default.nix @@ -101,5 +101,6 @@ in libxmlb = callInstalledTest ./libxmlb.nix {}; malcontent = callInstalledTest ./malcontent.nix {}; ostree = callInstalledTest ./ostree.nix {}; + pipewire = callInstalledTest ./pipewire.nix {}; xdg-desktop-portal = callInstalledTest ./xdg-desktop-portal.nix {}; } diff --git a/nixos/tests/installed-tests/pipewire.nix b/nixos/tests/installed-tests/pipewire.nix new file mode 100644 index 000000000000..f4154b5d2fd7 --- /dev/null +++ b/nixos/tests/installed-tests/pipewire.nix @@ -0,0 +1,5 @@ +{ pkgs, lib, makeInstalledTest, ... }: + +makeInstalledTest { + tested = pkgs.pipewire; +} diff --git a/nixos/tests/prometheus-exporters.nix b/nixos/tests/prometheus-exporters.nix index ad2fff2b01f6..2553f5dcf747 100644 --- a/nixos/tests/prometheus-exporters.nix +++ b/nixos/tests/prometheus-exporters.nix @@ -563,6 +563,37 @@ let ''; }; + rtl_433 = { + exporterConfig = { + enable = true; + }; + metricProvider = { + # Mock rtl_433 binary to return a dummy metric stream. + nixpkgs.overlays = [ (self: super: { + rtl_433 = self.runCommand "rtl_433" {} '' + mkdir -p "$out/bin" + cat <<EOF > "$out/bin/rtl_433" + #!/bin/sh + while true; do + printf '{"time" : "2020-04-26 13:37:42", "model" : "zopieux", "id" : 55, "channel" : 3, "temperature_C" : 18.000}\n' + sleep 4 + done + EOF + chmod +x "$out/bin/rtl_433" + ''; + }) ]; + }; + exporterTest = '' + wait_for_unit("prometheus-rtl_433-exporter.service") + wait_for_open_port(9550) + wait_until_succeeds( + "curl -sSf localhost:9550/metrics | grep -q '{}'".format( + 'rtl_433_temperature_celsius{channel="3",id="55",location="",model="zopieux"} 18' + ) + ) + ''; + }; + snmp = { exporterConfig = { enable = true; |